ProGuard在Android上导致SSL握手错误
我的应用程序在没有模糊处理的情况下运行良好(特别是在ProGuard中启用了-dontobfuscate),但一旦启用模糊处理,SSL查询就会失败,并出现以下错误:ProGuard在Android上导致SSL握手错误,android,ssl,proguard,Android,Ssl,Proguard,我的应用程序在没有模糊处理的情况下运行良好(特别是在ProGuard中启用了-dontobfuscate),但一旦启用模糊处理,SSL查询就会失败,并出现以下错误: javax.net.ssl.SSLHandshakeException: Handshake failed at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.startHandshake(:com.google.android.gms:418) at com.andr
javax.net.ssl.SSLHandshakeException: Handshake failed
at com.google.android.gms.org.conscrypt.OpenSSLSocketImpl.startHandshake(:com.google.android.gms:418)
at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:212)
at com.android.okhttp.Connection.connect(Connection.java:1322)
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:1410)
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:131)
at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:484)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:465)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:371)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:476)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:118)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:25)
你知道是哪个阶级造成的吗
ProGuard配置:
-dontoptimize
#-dontobfuscate
# Preverification is irrelevant for the dex compiler and the Dalvik VM.
-dontpreverify
-ignorewarnings
#-printusage "usage.txt"
# usunięte z powodu crashlytics
#-printmapping "out.map"
# Reduce the size of the output some more.
#-repackageclasses ''
#-allowaccessmodification
# Switch off some optimizations that trip older versions of the Dalvik VM.
#-optimizations !code/simplification/arithmetic
# Keep a fixed source file attribute and all line number tables to get line
# numbers in the stack traces.
# You can comment this out if you're not interested in stack traces.
-renamesourcefileattribute SourceFile
-keepattributes SourceFile,LineNumberTable
# RemoteViews might need annotations.
-keepattributes *Annotation*
# Preserve all fundamental application classes.
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.preference.Preference
# Preserve all View implementations, their special context constructors, and
# their setters.
-keep public class * extends android.view.View {
public <init>(android.content.Context);
public <init>(android.content.Context, android.util.AttributeSet);
public <init>(android.content.Context, android.util.AttributeSet, int);
public void set*(...);
}
# Preserve all classes that have special context constructors, and the
# constructors themselves.
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet);
}
# Preserve all classes that have special context constructors, and the
# constructors themselves.
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet, int);
}
-keepclassmembers class * extends android.content.Context {
public void *(android.view.View);
public void *(android.view.MenuItem);
}
# Preserve the special fields of all Parcelable implementations.
-keepclassmembers class * implements android.os.Parcelable {
static android.os.Parcelable$Creator CREATOR;
}
# Preserve static fields of inner classes of R classes that might be accessed
# through introspection.
-keepclassmembers class **.R$* {
public static <fields>;
}
# Preserve the required interface from the License Verification Library
# (but don't nag the developer if the library is not used at all).
-keep public interface com.android.vending.licensing.ILicensingService
-dontnote com.android.vending.licensing.ILicensingService
# The Android Compatibility library references some classes that may not be
# present in all versions of the API, but we know that's ok.
-dontwarn android.support.**
# Preserve all native method names and the names of their classes.
-keepclasseswithmembernames class * {
native <methods>;
}
# Preserve the special static methods that are required in all enumeration
# classes.
-keepclassmembers class * extends java.lang.Enum {
public static **[] values();
public static ** valueOf(java.lang.String);
}
# Explicitly preserve all serialization members. The Serializable interface
# is only a marker interface, so it wouldn't save them.
# You can comment this out if your application doesn't use serialization.
# If your code contains serializable classes that have to be backward
# compatible, please refer to the manual.
-keepclassmembers class * implements java.io.Serializable {
static final long serialVersionUID;
static final java.io.ObjectStreamField[] serialPersistentFields;
private void writeObject(java.io.ObjectOutputStream);
private void readObject(java.io.ObjectInputStream);
java.lang.Object writeReplace();
java.lang.Object readResolve();
}
-keep class * implements org.xml.sax.EntityResolver
-keepclassmembers class * {
** MODULE$;
}
####################################################################################################
# moje
####################################################################################################
# -keep public class mypackage.MyClass
# -keep public interface mypackage.MyInterface
# -keep public class * implements mypackage.MyInterface
# bo animatory
-keepclassmembers class pl.qus.** {
public void set*(...);
public *** get*();
}
-keep class pl.qus.xenoamp.fragment.** { *; }
# chyba konieczne dla adapterów używanych w ciele withView<>()
-keep class pl.qus.xenoamp.adapter.** { *; }
-keep class pl.qus.clients.model.** { *; }
# Crashlytics
#-keep class com.crashlytics.** { *; }
#-keep class com.crashlytics.android.**
-keep public class * extends java.lang.Exception
# Event Bus
-keepclassmembers class pl.qus.** {
public void onEvent*(**);
}
# audiotagger
-keep class org.jaudiotagger.** { *; }
####################################################################################################
# nie-moje
####################################################################################################
# gson-xml
-keep class stanfy.** { *; }
# jcifs
-keep class jcifs.** { *; }
# cling
-keep class org.fourthline.** { *; }
-keepattributes InnerClasses
#-keep class nurik.wizard.** { *; }
# textSurface
-keep class su.levenetc.android.textsurface.** { *; }
# Gson uses generic type information stored in a class file when working with fields. Proguard
# removes such information by default, so configure it to keep all of it.
# bez tego kotlinowe lambdy będą się jebać!
-keepattributes Signature
# Gson specific classes
-keep class sun.misc.Unsafe { *; }
# Green dao
-keepclassmembers class * extends de.greenrobot.dao.AbstractDao {
public static java.lang.String TABLENAME;
}
-keep class **$Properties
# play services
-keep public class com.google.android.gms.* { public *; }
-dontwarn com.google.android.gms.**
# spotify
-keep class com.spotify.** { *; }
# jsoup
-keep class org.jsoup.** { *; }
-keep class tv.danmaku.ijk.** { *; }
使用此类代码:
fun getResponse(method: String = "GET",
protocol: String = "https",
host: String,
path: String,
query: Map<String, String> = hashMapOf<String, String>(),
headery: MutableMap<String, String> = hashMapOf<String, String>(),
allowRedirects: Boolean = false,
postContents: String = "",
useCache: Boolean = true,
wait: Long = 0,
port: Int = -1): RestResponse {
if (!useCache) {
Thread.sleep(wait)
}
val connection = getConnection(method, protocol, host, path, headery, query, port) as HttpURLConnection
if (!allowRedirects)
connection.instanceFollowRedirects = false
return connection.obtainRestResponse(postContents, useCache).apply { connection.disconnect() }
}
private fun getConnection(method: String, protocol: String, host: String, path: String, headery: MutableMap<String, String>, query: Map<String, String>, port : Int = -1): URLConnection {
if(protocol=="https") {
val sc = SSLContext.getInstance("TLS") // bylo: SSL
sc.init(null, XenoHttpClient.trustAllCerts, java.security.SecureRandom())
HttpsURLConnection.setDefaultSSLSocketFactory(sc.socketFactory)
HttpsURLConnection.setDefaultHostnameVerifier { s, sslSession -> true }
}
var connection = buildUrl(protocol, host, path, query, port).openConnection() as HttpURLConnection
connection.requestMethod = method
if (!headery.containsKey("User-Agent"))
headery.put("User-Agent", "curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.23")
connection.applyHeaders(headery)
connection.useCaches = false
return connection
}
private fun HttpURLConnection.obtainRestResponse(postContents: String = "", useCache: Boolean = true): RestResponse {
if (postContents.isNotBlank()) {
this.doOutput = true
Logger.d("POST contents:$postContents")
DataOutputStream(this.outputStream).let {
it.writeBytes(postContents)
it.flush()
it.close()
}
}
this.connect()
if (responseCode == HttpURLConnection.HTTP_OK || responseCode == HttpURLConnection.HTTP_MOVED_TEMP) {
val kesz = XenoFile(XenoAmp.cacheDir(),
XenoUtility.md5(this.url.toString()))
var cachingReq = false
var istream = if (this.requestMethod.toUpperCase() != "GET") {
// nie keszujemy put/delete!
inputStream
} else if (useCache && kesz.exists()) {
// już go mamy, więc z niego czytamy
Logger.d("Query cached locally:" + this.url.toString())
XenoFileInputStream(kesz)
} else {
// nie mamy w keszu
cachingReq = useCache
inputStream
}
val tekst = XenoFile.streamToText(istream)
if (cachingReq) {
XenoFile.cacheText(this.url.toString(), tekst)
}
return RestResponse(responseCode, headersToMap(this.headerFields), tekst)
} else {
if(errorStream!=null) {
val tekst = try {
XenoFile.streamToText(errorStream)
} catch (x: Exception) {
Logger.e(x, "Problem")
"REST Error: Bad status: $responseCode"
}
Logger.d("Error stream:$tekst")
throw IllegalStateException(tekst)
} else {
Logger.d("Problem obtaining response for:${this.url} --> $responseCode,$responseMessage")
throw IllegalStateException(responseMessage)
}
}
}
fun buildUrl(protocol: String, host: String, path: String, query: Map<String, String>, port : Int = -1)
= if(port!=-1) URL(protocol, host, port, path + query.toQueryString()) else URL(protocol, host, path + query.toQueryString())
fun-getResponse(方法:String=“GET”,
协议:String=“https”,
主持人:字符串,
路径:字符串,
查询:Map=hashMapOf(),
headery:MutableMap=hashMapOf(),
AllowerDirects:Boolean=false,
PostContent:String=“”,
useCache:Boolean=true,
等待:Long=0,
端口:Int=-1):重新响应{
如果(!useCache){
线程。睡眠(等待)
}
val connection=getConnection(方法、协议、主机、路径、标题、查询、端口)作为HttpURLConnection
如果(!allower)
connection.InstanceFlowRedirects=false
返回connection.GetainResponse(PostContent,useCache)。应用{connection.disconnect()}
}
private-fun-getConnection(方法:String,协议:String,主机:String,路径:String,headery:MutableMap,查询:Map,端口:Int=-1):URLConnection{
如果(协议==“https”){
val sc=SSLContext.getInstance(“TLS”)//bylo:SSL
sc.init(null,XenoHttpClient.trustAllCerts,java.security.SecureRandom())
HttpsURLConnection.setDefaultSSLSocketFactory(sc.socketFactory)
HttpsURLConnection.setDefaultHostnameVerifier{s,sslSession->true}
}
var connection=buildUrl(协议、主机、路径、查询、端口)。openConnection()作为HttpURLConnection
connection.requestMethod=方法
如果(!headery.containsKey(“用户代理”))
headery.put(“用户代理”,“curl/7.22.0(i686 pc linux gnu)libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.23”)
连接。applyHeaders(头部)
connection.useCaches=false
回路连接
}
private fun HttpURLConnection.GetainResponse(PostContent:String=”“,useCache:Boolean=true):Response{
if(postContents.isNotBlank()){
this.doOutput=true
Logger.d(“帖子内容:$postContents”)
DataOutputStream(this.outputStream)。让{
it.writeBytes(后内容)
it.flush()
it.close()
}
}
this.connect()
if(responseCode==HttpURLConnection.HTTP|u OK | | responseCode==HttpURLConnection.HTTP|u MOVED|u TEMP){
val kesz=XenoFile(XenoAmp.cacheDir(),
XenoUtility.md5(this.url.toString())
var cachingReq=false
var istream=if(this.requestMethod.toUpperCase()!=“GET”){
//nie keszujemy放入/删除!
输入流
}else if(useCache&&kesz.exists()){
//朱戈·梅米,维兹·尼戈·沙特米
Logger.d(“本地缓存的查询:+this.url.toString())
XenoFileInputStream(kesz)
}否则{
//尼梅维克苏
cachingReq=useCache
输入流
}
val-tekst=XenoFile.streamToText(istream)
if(cachingReq){
XenoFile.cacheText(this.url.toString(),tekst)
}
返回Response(responseCode,headersToMap(此headerFields),tekst)
}否则{
if(errorStream!=null){
val tekst=try{
XenoFile.streamToText(错误流)
}捕获(x:异常){
Logger.e(x,“问题”)
“REST错误:错误状态:$responseCode”
}
Logger.d(“错误流:$tekst”)
抛出非法状态异常(tekst)
}否则{
Logger.d(“获取响应时出现问题:${this.url}-->$responseCode,$responseMessage”)
抛出非法状态异常(responseMessage)
}
}
}
FunBuildURL(协议:字符串,主机:字符串,路径:字符串,查询:映射,端口:Int=-1)
=如果(端口!=-1)URL(协议、主机、端口、路径+查询.toQueryString())其他URL(协议、主机、路径+查询.toQueryString())
从外观上看可能是okhttp。您是否尝试添加okhttp proguard规则
-dontwarn com.squareup.okhttp3.**
-keep class com.squareup.okhttp3.* { *;}
-dontwarn okio.
根据okhttp版本的不同,如果禁用ProGuard,您可能需要丢失okhttp3上的3,您可以完成HTTP调用吗?是的,没有问题。具体来说,关闭模糊处理可以消除错误。模糊代码导致上述问题。不知道这有什么负面影响…我以前也犯过同样的错误,但不是一个进步的问题。是我访问的web服务的认证。因此,我不得不在网络通话中绕过该证书。@Ssuuk发布proguard-rules.pro文件的内容。由于我无法在设定的时间限制内对其进行测试,我想我将只对收到的答案进行评分。谢谢你的支持!
-dontwarn com.squareup.okhttp3.**
-keep class com.squareup.okhttp3.* { *;}
-dontwarn okio.